<?php  
	include(ROOTPATH .'include'. DS .'protect.php');
	$media_ids		= explode('_',getQuery('id'));

	$id 			= (int)$encrypt -> recode($media_ids[0]);
	$mediaPart		= (int)$media_ids[1];
	$page			= (int)getQuery('page');
	

	if( $page != 0 )
		$mediaPart = $page ;
	if( $mediaPart == 0 )
		$mediaPart = 1 ;
		
		
	$sql = 'SELECT * FROM `'.DB_PRE.'file` WHERE `id` =  '. $id;
	$lists = $dbs -> select($sql );
	$list = $lists[0];
	
	$isExist = true ;
	if( count( $lists ) == 0 )
		$isExist = false ;
	
	
	$file_paths = explode('|',$list['file']);
	$fileName = $file_paths[$mediaPart - 1] ;


//////////////////////////////////////////////////   down data


//根据文件名获取后缀

//检查盗链
$referer = parse_url($_SERVER['HTTP_REFERER']);
$whiteSites = explode('|',QUOTE_SITES) ;


$url = HOSTROOT. $fileName ;

//获取文件在服务器上的绝对路径
$path = ROOTPATH .$fileName;


$isAllow = true ;

if( !in_array( $referer["host"] , $whiteSites  )  ){	
	$isAllow = false ;
	//.jpg
	//$fileName = THEME_PATH ."images/mediaThumb.jpg";
}

if( !file_exists($path) ){
	$isExist = false ;
	//$fileName = THEME_PATH ."images/mediaThumb.jpg";
}
	



$extension = strtolower(trim(substr(strrchr($fileName, '.'), 1)));



// hits
if( $isExist ){
	$array = '';
	$array['file_id']	= $id ;
	$array['part']		= $mediaPart ;
	$array['created']	= date('Y-m-d H:i:s',time()) ;
	$array['ip']		= ip() ;
	
	$referer = parse_url($_SERVER['HTTP_REFERER']);
	if( $referer['host'] == HOST_NAME  )
		$array['referer']	= 'My' ;
	else
		$array['referer'] = $_SERVER['HTTP_REFERER'] ;
	$dbs -> insert( DB_PRE .'file_down', $array );
}

if(!$isExist)
	$path = ROOTPATH .'theme/' .THEME ."/images/notExist.jpg";

if(!$isAllow)
	$path = ROOTPATH .'theme/' .THEME ."/images/notAllow.jpg";

	
if( $extension == 'flv' || $extension == 'mp4'  ){
	if($isExist)
		echo $url ;
	else
		echo '不存在';
		
	exit();
}
 

//检测非法链接
if( substr($path,3,3) == '://' || substr($path,4,3) == '://')
	exit('');

if( $isExist ){
	$size = filesize($path);
}else{
	$size = 1000 ;
}
 
if( $size  > 30 * 1000 * 1024 ){
	header("Location: ". $url);
	exit();
}else{
	switch ($extension){
		case "jpg":
		case "jpeg": $ctype="image/jpeg"; break;
		case "pdf": $ctype="application/pdf"; break;		
		case "gif": $ctype="image/gif"; break;	
		case "png": $ctype="image/png"; break;
		case "doc": $ctype="application/msword"; break;	
		case "zip":	$ctype="application/zip";break;	
		case "rar":	$ctype="application/rar";	break;	
		case "mp3":	$ctype="audio/mpeg3";	break;	
		case "avi":	$ctype="video/avi";	break;	
		case "doc":	$ctype="application/msword";break;	
		case "xls":	$ctype="application/vnd.ms-excel";	break;		
		case "wav":	$ctype="audio/wav";	break;	
		case "html":
		case "htm": $ctype="text/html";	break;	
		case "txt":	$ctype="text/plain";	break;
		case "flv":	$ctype="flv-application/octet-stream";	break;
		case "mp4":	$ctype="video/mp4";	break;		  
		default: $ctype="application/force-download"; //$ctype="application/octet-stream";
	}
	
	header("Pragma: public");
	header("Expires: 0");
	header("Cache-Control: no-cache, must-revalidate"); 
	//header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
	header("Cache-Control: private",false);
	header("Content-type: ". $ctype);
	header("Content-Transfer-Encoding: binary");
	header("Content-Length: ". $size);
//	header('Content-Disposition: attachment; filename="'.basename($fileName).'";');

	//Warning set_time_limit() has been disabled for security reasons 
	//set_time_limit( 1 * 24 * 3600 );
	
	readfile($path);

	exit();
}
?>